Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

An anonymous reader writes A group of researchers from University of California, Berkeley, have analyzed five popular web-based password managers and have discovered vulnerabilities that could allow attackers to learn a user's credentials for arbitrary websites. The five password managers they analyzed are LastPass, RoboForm, My1Login, PasswordBox and NeedMyPassword. "Of the five vendors whose products were tested, only the last one (NeedMyPassword) didn't respond when they contacted them and responsibly shared their findings. The other four have fixed the vulnerabilities within days after disclosure. 'Since our analysis was manual, it is possible that other vulnerabilities lie undiscovered,' they pointed out. They also announced that they will be working on a tool that automatizes the process of identifying vulnerabilities, as well as on developing a 'principled, secure-by-construction password manager.'"

I'd probably say KeePass is as secure as things get, since it doesn't use the Web in any way, shape, or form.

What I'd like to see with password apps that use a cloud provider for backend storage, (be it 1Password, mSecure, or so on), would be a keyfile that is manually transferred between devices, and never is put on the cloud backend. This way, if/when the cloud provider is hacked, the password file is not just protected by the passphrase, but by a keyfile that an attacker would have to compromise a physical device to get.

Hate responding to my own posts, but adding another idea... Each endpoint device has its own private key... so the data that is stored on the backend cloud provider would be conventionally encrypted, but would be unlockable by any key in the access list, similar to a PGP attachment that lists multiple public keys. That way, one can add and remove devices by using their key, and no common file needs to be shared.

I e-mail myself my passwords with the site name in the subject line and the password in the body of the e-mail. It works really well for sites I forgot the password for, and it's 100% safe as Google uses HTTPS by default now.

I have a YubiKey NEO that works perfectly with LastPass, both on desktop systems via USB, and on my mobile device via NFC. The key has internal non-volatile storage but no battery; when it's plugged in and used, it atomically reads from storage; uses the input from storage as a salt to generate a unique one-time password (a long ASCII string); transmits the password to the host device; then updates the non-volatile storage with some magic to ensure that the next one-time password is unique, unguessable and

An attacker would need my LastPass password (which is not, itself, stored in my LastPass vault); my physical YubiKey; and the knowledge to use both in tandem, in order to gain access to my LastPass account.

Yes, because the Lastpass website enforces this two factor scheme.

On the other hand, once it's open on your computer: the entire database is available for RAM-scraping malware to take a peek.

Or to decrypt using only the master password, since, as I understand: it's just the Lastpass website that req

Why not just install the app as well? Then you don't need the USB cable. You just load up you database, and opt to view the password. Then type it in manually. Just be on the lookout for people looking over your shoulder or cameras that could read the screen.

You can do this with KeepPass, Google Drive, and a sneakernet'd keyfile. Move the keyfile to a non-synced location on each common computer (and / or carry it with you on your phone or USB drive), stick the KP database in Google Drive, viola. Secure access to everything from everywhere.

How about no keyfile at all [masterpasswordapp.com]? Keeping backups of a keyfile in secure locations, syncing a keyfile between multiple devices and handhelds securely and without conflict, etc all needlessly complicate password management and eventually affect overall security. Also, if an authority obtains your keyfile through any form of search, they are legally within their right to force you to provide the key to unlock it. Not so if there is no encrypted vault.

That is very dangerous: when the master password is trivial to reverse from the site password, an attacker could easily set up a hoax site, get your site password and reverse your master key. Master Password above uses a hmac-sha-256 of a 64 byte master key which is something you can't just reverse. It also uses an expensive scrypt based salted key derivation to get that key from your master password, which is also something you can't reverse.

I have KeePass installed on my computers and KeyPassDroid on my phone and tablet. The file is shared between them all using Dropbox. This way, if I change it one place it's available at all the others automagically, and in case it gets corrupted I have a 30-day history of changes at Dropbox's site. I've had no problems, I like its built-in and configurable password generator, and it works a treat with the KeeFox plugin for Firefox.

(YMMV in that you may have issues with Dropbox, but for me, it works.)

same here - only I don't try to keep it in sync with other devices (don't want changes I make to my PCs keepass db to be automatically synced to my phone that might be stolen)(I might be going a little too paranoid here)

I also use Mozy for the cloud storage, as it encrypts everything stored (with a different key) and it has history.

Keepass is awesome, my only worry is that I forget which file I used as the encryption 2nd part and delete it one day!

I do the same as well, but also use a key file that I keep only on the devices and not on any cloud based service, that way it is harder if dropbox gets compromized to break the keepass database (altough I bet NSA has a trick or two).

From all reports, Dropbox is compromised by default. However, I also figure they have an easier way to get into any account I have via NSL or preexisting backdoor than to go crack my KeePass file. I'm just trying to keep everyone else out.

You can always try KeePassX [keepassx.org] (for Linux and OS X; use the latest 2.0 Alpha release) and MacPass [github.io] (for OS X), both of which are compatible with the KeePass 2.x database format. They might not have all the features but they work rather well and you don't have to deal with the monstrosity that is KeePass on a non-Windows system.

The logic is sound. You own your password file, it is encrypted and integrity checked. You can keep it somewhere shared (like google drive or dropbox) so each of your client machines has a copy for redundancy, but changes are shared and available to all devices.

I have a home PC, a work PC and Mac Book and an Android phone all using the same keepass file and it works great.

Web based services make no sense whatsoever. Why trust a website company when you don't have to?

You're telling us not to trust a web based service, but then tell us you keep your data shared like google drive or dropbox? I see no appreciable difference in practice there. Lastpass is essentially Keepass + a specialized dropbox-type service. Your advice is especially ironic given the spotty security dropbox is known for [zdnet.com].

At some point, you have to make informed decisions about the tradeoffs between security and convenience. For me, using Lastpass is a convenient way to synchronize the strongest possi

>You're telling us not to trust a web based service, but then tell us you keep your data shared like google drive or dropbox? I see no appreciable difference in practice there. Lastpass is essentially Keepass + a specialized dropbox-type service. Your advice is especially ironic given the spotty security dropbox is known for [zdnet.com].

The problem is not in the remote storage. It's in the local client that does the work to turn your clicks and typing into a secured file that doesn't need to trust the st

>You're telling us not to trust a web based service, but then tell us you keep your data shared like google drive or dropbox? I see no appreciable difference in practice there. Lastpass is essentially Keepass + a specialized dropbox-type service. Your advice is especially ironic given the spotty security dropbox is known for [zdnet.com].

The problem is not in the remote storage. It's in the local client that does the work to turn your clicks and typing into a secured file that doesn't need to trust the storage medium to do anything except store.

The 'web integration' puts your password manager in a really bad place - in the browser. What could possibly go wrong? Surely no one attacks web browsers.

Yep, that's very true. At this point, though, most attacks are directed at Java, Flash, or the browser's Javascript interpreter. These vectors are still dangerous because of potentially malicious content being served by untrustworthy servers. I uninstalled Flash some time ago, and make good use of noscript to prevent untested scripts from running, as that's still a dangerous attack vector. Keep in mind that plugins are run in separate processes, which affords some natural protection and isolation. Note

And I'm gonna keep using LastPass. Since I never used the bookmarklet thing, it seems unlikely I'm at any risk for exploit, and in any case, LastPass fixed that issue.

Could there be others? Oh sure. There could be issues with anything. My glass of water MIGHT be the one to contain something to make me sick. My car MIGHT have a defect. Windows 7 MIGHT BSOD three times in a night. Oh wait. That's not a might. That's a definite. Never mind.

I'd be really curious to here there opinions on KeePass, which isn't web-based but certainly in the same category.

i've always had trouble with putting all my apples in the same basket, so i never touched things like keepass, kisskiss nor any other keyring. that there's folks doing that *OVER THE WEB* is staggering. if i weren't speechles right now i'd say they deserve being raped in their most intimate identity.

The web in insecure, don't store passwords in the web. Use keepassx [keepassx.org] instead. You get it for Windows and OS X on the site, for Linux using package managers, for Android on the Play Store and maybe also for iOS (look for MiniKeePass).

To claim that it is impossible or futile to store passwords on the web is missing the point. The nature of the content is immaterial. If you are of the opinion that passwords can't be securely stored on the web, then you must also believe that NO content can securely be stored on the web -- in which case, have fun living in the dark ages, where the only thing you can do with the web is share information that you're fine with being released to the general public.

I think there's a difference between "being willing to accept the risk of my credit card(s) being compromised on the internet" and "being willing to accept the risk of every account password I have being compromised on the internet". I essentially have insurance to help me recover losses from my credit cards. Having every bank account and retirement account drained by an enterprising criminal with access to all of my account and personal details is on a completely different risk level.

I think there's a difference between "being willing to accept the risk of my credit card(s) being compromised on the internet" and "being willing to accept the risk of every account password I have being compromised on the internet". I essentially have insurance to help me recover losses from my credit cards. Having every bank account and retirement account drained by an enterprising criminal with access to all of my account and personal details is on a completely different risk level.

Let's assume for the moment that you're correct and that there is a difference in risk level between submitting your name, address, email, credit card number, CVV2 (these are the fields required for a standard online order form), and storing all your passwords on the Internet.

Let's assume someone actually does intercept your order form, and gets all the above-mentioned personal data on you (perhaps because the company processing your order stored all your order info in an unprotected SQL database). Many peo

Food For Thought - It is easy to develop a simple algorithm to remember passwords and thus remember different passwords to any website. Essentially, unless you are being tortured, no one will be able to know your algorithm for setting passwords (you store the algorithm in your head). Your algorithm may appear "weak" if someone knew it but no one has to know it (i.e. you could use the first 5 letters in the web address to seed your algorithm).

Not really. Your algorithm can deal with these requirements fairly easily and you can guess your password more than once (failed password means you couldn't use your algorithm 100%, so proceed to "alternate") OR look up what the "rules" where for creating a password OR reset your password.

A decently well defined and broad algorithm should handle most of these issues without a problem. I know mine does.Basically, make sure your algorithm will always result in the use of a capital, a number and a special cha

I tried something like this in the past. I had a root phrase I used, and added some other things like certain characters from the URL at the beginning/end. A few common issues with this. Say you want to use the last character in the company name as a modifier for your base password. For Dish Network, do you use h for the last character of the URL (dish.com) or k for the full name (dish network)? Some of the sites I have accounts with have an obscure, seemingly unrelated website/URL for their billing an

I have a simple text file with a mnemonic for my password for each site I use. I have half a dozen or so passwords - not so many I can't remember each, but too many to keep straight which is for which site. So I might have a note that this bank uses my strong financial password, while that one uses my weak financial password, and that store uses my merchant password, and so on.

Done right, storing passwords on the web can be decently secure, especially if there is some part of the decryption key (be it a public key, a secondary authenticator, or a keyfile) that is not available to the attacker, in combination with the master passphrase.

I'd say the best implementation of this would be a utility that piggybacked on the cloud provider of choice, so one isn't limited to GDrive, Dropbox, Box, Skydrive, iCloud, or others. The utility would ask for permission just for its own directory

The problem is that you can't hide things from the service provider with nothing but a browser. You need an addon or such to do secure crypto. You need to decrypt the password database locally, in-browser, and without an addon that means using JS crypto, which isn't ideal. Your mailing example is very different, since it doesn't matter if the service provider knows the address and financials, they're the intended recipient of the info! With a password manager, you don't want the service to be able to learn

The web in insecure, don't store passwords in the web. Use keepassx [keepassx.org] instead. You get it for Windows and OS X on the site, for Linux using package managers, for Android on the Play Store and maybe also for iOS (look for MiniKeePass).

I don't subscribe to this absolutist position. Web based password managers like Lastpass certainly have their uses and are extremely convenient when tons of forums and websites require you to have accounts. They make it easy to login effortlessly and across multiple computers. They are also safer in that they let you have unique passwords for every account.

That being said, the smart thing to do is to:

1) Not save any bank account / Money related passwords on a web based password manager. Heck, I wouldn't eve

Suppose you used 5 different password managers, and each one stored a password. Then, a password manager manager would glue the 5 passwords together to get the final password. Or maybe hash them to produce the final password. That way, when one password manager is cracked, it would not be enough to get your password.

Of course, then the password manager manager could be cracked. Hmm.... so you would need 5 password manager managers. Which would require a single password ma

In the case of LastPass at least, the passwords are encrypted locally and then sent to the server for storing. Your only possibility there would be searching through and finding stores with weak passwords, or finding a crack in the encryption. Otherwise, the attacks have to take place on the end user side.

The problem is that there is an conflict between a password suitable enough for protection (i.e. 20+ characters), and something quick enough to access in a short time.

mSecure addresses this in an interesting way -- they cache the extra long sync password used for the cloud. The password that is used to encrypt the synchronized database that sits in iCloud or DropBox is different from the app's passphrase. Since most phones have decent innate protection, it is not impossible, but very difficult to dump the data on a locked device [1], so one can have a fairly easy to type in PIN on the device, but the synchronized backend file is protected with a much longer (and more secure) passphrase.

[1]: iOS on the iPhone 4 and up always encrypts. Android since 3.x has the option of using md-crypt and encrypting the/data partition, then using another tool to separate the password asked on boot to decrypt that partition from the screen locker password.

The local password is cached for LastPass as well. You can either have to re-enter it each time you open the browser, after a period of time, or only once. Having had a work laptop that had personal passwords stored in it taken back when I was laid off, I realized I needed a way to store passwords such that I can still store passwords but in a way it doesn't rely on a single system.

Question i have Roboform and was under the impression it was not a web based program? It does have cloud PW saving but that is an option. All my data is saved on my PC. Can someone explain this to me. I do not want use any web based programs that save my personal data on some server i have no control of.

Does the Windows 8 password vault count as a "web-based password manager"? It does store your password on a third party online server. Hopefully its properly secured by good programmers and doesnt have any obvious (direct quote from the article) "logic and authorization mistakes to misunderstandings about the web security model, in addition to the typical vulnerabilities like CSRF and XSS".

From page 7 of the paper (http://devd.me/papers/pwdmgr-usenix14.pdf):- LastPass, RoboForm and My1login all had "bookmarklet" vulnerabilities (used if you share passwords across the web - shudder)- LastPass, Roboform and NeedMyPassword all had "web" vulnerabilities- My1login and PasswordBox both had "authorization" vulnerabilities- LastPass and RoboForm both had "UI" vulnerabilities

The other thing I wondered at was why the special mention of "creating tools to automatically identify such vulnerabilities" when there's a bunch of packages that already do that...until I looked on page 14 and saw the list of US government grants that sponsored this paper, plus mention of some Intel funding. (If you want the money to flow, first identify the problem...)

This was on HN a few days ago; my comment there was the same: In the case of LastPass, the headline is misleading and a little fearmongery.

There were two issues with LastPass and NEITHER affected its storage of persistent passwords, that is, neither affected the feature the vast majority of us use passwords managers for!

One concerned a targeted attack against one-time passwords (OTP), the other concerned bookmarklets, which are used by less than 1% of the user base, according to LastPass. Personally I didn't know either feature existed until I read the LastPass blog entry about these two vulnerabilities.

A truer headline would have been Vulnerabilities found in less-frequently used features of LastPass; persistent site password storage unaffected".

I was always imagining how bad would it be if an Online based password manager got it's servers and / or database breached, even if they use only hashing + salting for the user's details.
Perhaps I am paranoid but using an offline solution seemed better to me, from the beginning, since before the web based password managers gained trust and popularity.
The traditional offline based Keepass Password Safe can be also 'sent to the cloud' (or at least the kdbx files) via a third parity cloud provider, like Dr